IT Security and Compliance Officer
Hamad International Airport
Total years of experience: 16 years, 2 months
•Instrumental in implementing integrated management systems (ISO 27000 and ISO 20000) for Service Management and Information Security Management in compliance with regulatory requirements.
•Designed and rolled out information assurance policies, governance controls, and security metrics (KPI) to monitor performance.
•Convened Management Review Meeting with stakeholders to discuss and identify emerging cyber and information security risks through consistent review of business applications and infrastructure systems.
•Coordinated with the PenTesting team to identify vulnerabilities in the infrastructure and design an action plan to mitigate the risks.
•Participated in national cyber drill as a process champion for simulating security incident responses and creating threat models.
•Liaised with external certification agency to coordinate audit for organizational functions.
•Spearheaded Information Security Risk Assessment of 72 departments across 5 locations for Dubai Health Authority, covering 120+ applications and 100+ IT and IoT devices.
•Conducted Information Security Awareness and Risk Assessment training for over 150 InfoSec champions and ensured implementation of key information security practices.
•Developed security policies and tools to govern supplier security assurance and support technology decisions.
•Oversaw implementation of GRC (RSA Archer) tool and alignment with Dubai Information Security Regulations (ISR).
•Managed a Cyber Security project worth USD 250,000 with a team of 8 engineers and a user base of 160 for the Abu Dhabi Grand Prix, a prestigious national event.
•Managed implementation of new SIEM systems, coordinating closely with internal personnel and outside vendors.
•Improved executives' leadership skills with targeted advice on business needs, capabilities, and future plans.
•Performed periodic user access review for the 6 IT services, and 10 critical applications.
•Established and implemented Agile methodologies for an integrated management system, fulfilling compliance requirements for cloud application security (SaaS) practices aligned to ISO 27001 and FDA USA.
•Modeled integration of different solutions such as JIRA, Confluence, SharePoint, Bitbucket, and GitHub for effective management systems.
•Managed and mentored a team of 5+ process champions that ensured the organization achieved CMMI Maturity Level 3 on a stringent timeline.
•Led a Software Engineering Process Group that was responsible for collection and evaluation of software process improvement suggestions, and providing implementation guidance and resources.
•Resolved financial leakage in the organization by leading a Lean Six Sigma project that resulted in savings of 3 million rupees (approx. 50,000 USD) in overtime payments and a redrafting of the HR Policy.
• Successful CMMI Level 3 assessment and ISO 20000 implementation for client organizations assisting at different stages from the gap analysis until appraisal and certification.
• Earned Service Excellence Award for outstanding performance in designing and improving IT Infrastructure processes of the leading Bank of South Africa using ITIL best practices and ARIS designer.
• Recognized and honoured for contributions to
• Established Quality Management System using best practices of CMMI and Agile Scrum.
• Involved in pre-sales for proposing an affordable solution, project plan, and adequate resourcing model as per the problem statement and business requirements
in